Dumping an open source Honeypot on Rachel: FTC reloads on liquidating robocallers
- 19 July, 2014 06:45
The Federal Trade Commission today announced the rules for its second robocall exterminating challenge, known this time as Zapping Rachel Robocall Contest. "Rachel From Cardholder Services," was a large robocall scam the agency took out in 2012.
The Zapping Rachel contest will take place at DEF CON 22 in Las Vegas Aug. 7-10, and offers partakers $17,000 in cash prizes for developing open-source packages that could be used to build an advance robocall honeypot, circumvent or trick a honeypot, or analyze data from an existing honeypot, the FTC said.
+More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2014 (so far!)+
The FTC said a robocall honeypot is an information system designed to attract robocalls and gather information about them, which can help researchers and investigators combat these illegal, prerecorded messages.
According to the FTC Zapping Rachel will consist of three stand-alone phases:
1. A "Creator" phase where contestants will build honeypots that can recognize inaccurate information in the calls they receive, such as spoofed caller IDs, and identify calls that are likely robocalls. In designing the honeypot, competitors may not include any feature that requires ongoing manual processing.
2. The "Attacker" phase will get contestants to think like robocallers and attempt to circumvent or trick a honeypot created for the contest. Each contestant will receive a list of 25 phone numbers that belong to a robocall honeypot set up on the Twilio platform. Contestants will also have free access to a Twilio account with $15 of credit, which could equate to 200 calls to any of the 25 numbers. The credit may also be applied toward other Twilio features. Contestants will attempt to circumvent the robocall honeypot. Merely spoofing the caller ID information (i.e., providing inaccurate or missing Caller ID data) will not be counted as circumvention of the robocall honeypot.
3. The third "Detective" phase asks contestants to analyze data and develop an algorithm to predict which calls from an existing honeypot are likely robocalls. Judges will score submissions based on functionality and accuracy, as well as innovation and creativity. Each phase 3 contender will receive two sets of call data from an existing robocall honeypot. The Sponsor will provide this data at the FTC's "Zapping Rachel" booth at DEF CON 22, beginning at 9:00 am (PDT) on August 7, 2014
The first data set will identify calls that, based on real-world information, are likely to have been a robocall (a call delivering a prerecorded message). Based on information provided in the first data set, Contestants will develop an algorithm and will predict which of the calls in the second data set are likely to be robocalls. In addition to submitting these predictions, each Contestant will submit all source code and a written description of the algorithm consisting of fewer than 250 words.
In order to participate, contestants must be present at DEF CON, register in person and meet the eligibility criteria. Contestants can register as an individual or a team, and can compete in one, two, or all three phases of the contest, the FTC stated.
The judges for Zapping Rachel will be Dr. Mustaque Ahamad, Dr. Matthew Blaze, and Jonathan Curtis. Ahamad is a professor of computer science at the Georgia Institute of Technology, and a global professor of engineering at New York University Abu Dhabi. Blaze is a professor of computer science at the University of Pennsylvania School of Engineering and Applied Science. Curtis is the director of Solutions and Intelligence within the Compliance and Enforcement Sector at the Canadian Radio-television and Telecommunications Commission, according to the FTC.
Check out these other hot stories: